WordPress.org

Ready to get started?Download WordPress

Forums

Tell a Friend
HACKED - Plugin abused by malicious third parties (5 posts)

1 star
  1. jacripe
    Member
    Posted 10 months ago #

    This plugin or one running under the same name was abused by a malicious third party, causing an account infection and the uploading of numerous other files. The origin of the tell-a-friend plugin was through the WordPress Dashboard plugin installer in this case, leading me to believe it was intentionally installed by the account owner and later abused by a malicious third party.

    [Comments moderated due to a complete lack of evidence.]

  2. esmi
    Forum Moderator
    Posted 10 months ago #

    What proof do you have that this plugin was the source of your hack? You didn't even wait for the plugin's author to respond to the support topic you created exactly 2 minutes ago!

    Your site being hacked does not mean that this plugin was the back door into the server. The hacker could have gained entry at any point on the server. As such, your comments are meaningless.

  3. jacripe
    Member
    Posted 10 months ago #

    I am not permitted to share any details as that would violate privacy restrictions.

    My reason for rating the plugin a 1 is due to the association with this event, the lack of reviews, support queries and plugin updates within the last 2 years. WordPress has been updated several times in this time frame, so why wouldn't the plugin be updated also? It's insecure to use outdated software in general. Anyone who has had a more positive experience with the plugin is free to offer a positive rating to offset mine. Additionally, the plugin itself already has several positive ratings and this review was more intended to simply notify the public that this plugin presents a potential security risk since I did not see this listed anywhere online.

  4. I am not permitted to share any details as that would violate privacy restrictions.

    Not to be cynical but don't you think that is a bit convenient? If you have some actual details you can report it to plugins [at] wordpress.org.

    All you've demonstrated is that your site was hacked. You've not shown that this plugin has had anything to do with that at all.

    If you can show that to that email address then that would be valuable. Leaving a 1 star review and crying wolf? Not so much. ;)

  5. jacripe
    Member
    Posted 9 months ago #

    If this had been a compromise of my personal site or one that I owned, I would not hesitate to post the logs and other evidence. Unfortunately, I do not have this information freely available, however I have seen no further recurrences of this plugin being implicated in a malware infection. It's very possible the hacker simply named his malicious files the same as this plugin, however I am keeping the review posted until there is a response by the developer to my open support request regarding the plugin be reviewed & updated.

Reply

You must log in to post.

About this Plugin

About this Topic

Tags

No tags yet.